Method and apparatus for routing and forwarding between virtual routers within a single network element

ABSTRACT

A method and apparatus for routing and forwarding between virtual routers is described. A method in a single network element comprises peering a first virtual router to a second virtual router, wherein the first and second virtual routers have separate address spaces and separate routing tables, distributing a set of one or more routes from the first virtual router to the second virtual router, wherein a first of the set of routes identifies the first virtual router as a next hop of the first route, said first route including a destination, and downloading to a set of one or more forwarding tables, the destination and the next hop.

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This application claims the benefit of U.S. Provisional PatentApplication No. 60/397,353, entitled “Method and Apparatus for Routingand Forwarding Between Virtual Routers Within a Single Network Element”filed on Jul. 20, 2002.

BACKGROUND OF THE INVENTION

[0002] 1. Field of the Invention

[0003] The invention relates to the field of communication. Morespecifically, the invention relates to communication networks.

[0004] 2. Background of the Invention

[0005] The development of virtual routers within a single networkelement provided certain benefits and functionality unavailable withlegacy routers. For example, a single network element with virtualrouters could service multiple Internet Service Providers and/orcorporations with the single network element.

[0006]FIG. 1 (Prior Art) is a diagram of a single network element withvirtual routers. In FIG. 1, a network element 101 includes virtualrouters VR-A 111, VR-B 113, and VR-C 115. Each of the virtual routers111, 113, and 115 respectively receive traffic from ingress ports103A-103C and respectively transmit traffic out of the egress ports151A-151C as illustrated in FIG. 1. The virtual router VR-A 111 receivestraffic 109A from the ingress port 103A and transmits the traffic 109Aout of the egress port 151A. The virtual router VR-B 113 receivestraffic 109B from the ingress port 103B and transmits the traffic 109Bout of the ingress port 151B. The virtual router VR-C 115 receivestraffic 109C from the ingress port 103C and transmits the traffic 109Cout of the egress port 151C.

[0007] Network elements that support the virtual routers, performedinter-VR forwarding based on the forwarding scheme described (i.e., withstandard interfaces). If VR-A 111 received a packet for transmission toVR-B 113, then the VR-A 111 looked up the next hop in its routing table,found an interface that was associated with the ingress port 103B, andforwarded the packet based on that interface.

[0008] Despite the advantages offered by virtual routers and thecapability of a single network element to behave as multiple routers,the virtual routers within a single network element do not communicaterouting and/or forwarding information as if separate routers.

BRIEF SUMMARY OF THE INVENTION

[0009] A method and apparatus for routing and forwarding between virtualrouters is described. According to one aspect of the invention, a methodin a single network element provides for peering a first virtual routerto a second virtual router, wherein the first and second virtual routershave separate address spaces and separate routing tables. A set of oneor more routes are distributed from the first first virtual router tothe second virtual router, wherein a first of the set of routesidentifies the first virtual router as a next hop of the first route,said first route including a destination. In addition, the methodprovides for downloading to a set of one or more forwarding tables, thedestination and the next hop.

[0010] These and other aspects of the present invention will be betterdescribed with reference to the Detailed Description and theaccompanying Figures.

BRIEF DESCRIPTION OF THE DRAWINGS

[0011] The invention may best be understood by referring to thefollowing description and accompanying drawings that are used toillustrate embodiments of the invention. In the drawings:

[0012]FIG. 1 (Prior Art) is a diagram of a single network element withvirtual routers.

[0013]FIG. 2 is an exemplary diagram illustrating forwarding betweenvirtual routers according to one embodiment of the invention.

[0014]FIG. 3A is an exemplary diagram illustrating peering of virtualrouters according to one embodiment of the invention.

[0015]FIG. 3B is an exemplary diagram illustrating additional peering ofvirtual routers according to one embodiment of the invention.

[0016]FIG. 3C is an exemplary diagram illustrating inter-VR interfacesas local area network interfaces according to one embodiment of theinvention.

[0017]FIG. 4 is an exemplary diagram illustrating external routedistribution between virtual routers according to one embodiment of theinvention.

[0018]FIG. 5 is a diagram of an exemplary network element according toone embodiment of the invention.

DETAILED DESCRIPTION OF THE INVENTION

[0019] In the following description, numerous specific details are setforth to provide a thorough understanding of the invention. However, itis understood that the invention may be practiced without these specificdetails. In other instances, well-known circuits, structures, standards,and techniques have not been shown in detail in order not to obscure theinvention. The terms “routing table” and “forwarding table” are usedthroughout the description, but are not limited to being tables. Arouting table and a forwarding table may be implemented with a varietyof data structures (e.g., trees, tries, linked lists, hash tables,hybrid data structures, etc.).

[0020]FIG. 2 is an exemplary diagram illustrating forwarding betweenvirtual routers according to one embodiment of the invention. FIG. 2illustrates a network element 202 as including a virtual router 205A anda virtual router 205B. The virtual router 205A is identified as VR-A andthe virtual router 205B is identified as VR-B.

[0021] The virtual router 205A includes interior gateway routing tables209, an exterior gateway routing table 211, and a main routing table213. Interior gateway routing protocol processes (e.g., OSPF, RIP, iBGP,IS-IS, etc.) build each of the interior gateway routing tables 209. Theinterior gateway routing tables 209 indicate routing information forreaching a destination, as determined by a corresponding interiorgateway routing protocol process, that is internal to an autonomoussystem (AS), which includes the virtual router 205A. A processimplementing an exterior gateway protocol (e.g., BGP-v4, EGP, etc.)builds the exterior gateway routing table 211. The exterior gatewayrouting table 211 indicates routing information for reachingdestinations external to the AS of the virtual router 205A. The mainrouting table 213 is built using route entries from the interior gatewayrouting tables 209, the exterior gateway routing table 211, andinterfaces from an interface manager 271.

[0022] The interface manager 271 includes a data structure thatindicates interfaces and their corresponding reachable IP addresses viathe interfaces. In certain embodiments of the invention, the interfacemanager also associates lower layer hardware information learned fromlower layer protocols with interfaces. Each routing process exchangesrouting information with other network elements through interfaces andinstall learned reachable routes into the main routing table, which areeventually downloaded into forwarding tables of the data plane from themain routing table in the control plane. The interface manager 271indicates and maintains a status for each interface of the host networkelement. A routing process utilizes interface status to make correctrouting decisions.

[0023] The first column of each entry within each of the routing tables209, 211, and 213 indicates a destination. The last column of each entrywithin each of the routing tables 209, 211, and 213 as illustrated inFIG. 2 indicates a next hop. A next hop is either an interface next hop(i.e., a logical or physical interface) or a non-interface next hop(e.g., an IP address, a virtual router name, etc.). The remainingcolumns within each of the routing tables 209, 211, and 213 indicateadditional routing information, such as line, metrics, etc.

[0024] The virtual router 205A also includes a forwarding module 207 anda forwarding table 219. The forwarding module 207 forwards packets thatare received by the virtual router 205A in accordance with theforwarding table 219. The forwarding table 219 receives informationdownloaded from the main routing table.

[0025] In the example illustrated by FIG. 1, the interior gatewayrouting tables 209 includes internal destinations ID1, ID2, and ID3 withcorresponding next hops I/F1, VR-B, and ADDRESS, respectively. ID1, ID2and ID3 are identifying data (e.g., IP addresses, prefixes, etc.) ofother network elements within the same AS as the virtual router 205A.One or more of the internal destinations may also be another virtualrouter within the same network element (e.g., ID1 may be VR-B). While inone embodiment of the invention, internal destinations that are othervirtual routers are identified with a virtual router identifier (i.e.,virtual router handle), alternative embodiments of the invention mayidentify an internal destination with other techniques (e.g., IPaddress, inter-VR interface, etc.). The next hop I/F is a physicalinterface and the next hop VR-B may be a logical interface thatindicates a VR instead of an IP address (i.e., an inter-VR interface), avirtual router handle, etc.

[0026] An inter-virtual router next hop is a unique value within thenetwork element 202 that identifies a specific virtual router. When anadministrator creates a virtual router, the administrator provides auser-friendly virtual router identifier (“VR name”) for the createdvirtual router. In response to the creation of a virtual router, thenetwork element 202 creates and associates a unique virtual routeridentifier (“VR identifier”) to be utilized by the network element 202to identify the created virtual router. While in one embodimentinter-virtual router next hops in the routing tables are VR identifiers,alternative embodiments of the invention may utilize alternativetechniques to identify inter-VR next hops (e.g., the routing tableindicates the VR name and a table that associates the VR name to a VRidentifier is used to access the VR identifier, an inter-VR interfacevalue is created within the network element and associated with aVR-identifier or VR-name in another data structure, etc.). For thepurposes of this description, an inter-VR next hop is the VR identifier.

[0027] The exterior gateway routing table 211 as illustrated in FIG. 2indicates external destinations ED1, ED2, and ED3 and corresponding nexthops ADDRESS, I/F2, and VR-B, respectively. As with the internaldestinations, the external destinations ED1, ED2, and ED3 can be IPaddresses, prefixes, etc. While in one embodiment of the invention,external destinations that are other virtual routers are identified byan IP address or prefix, in alternative embodiments of the invention theexternal destination may be a VR name or VR identifier.

[0028] When the forwarding module 207 receives a packet 201, theforwarding module 207 determines the destination of the packet 201. Thedestination of the packet 201 is looked up in the forwarding table 219to determine the appropriate outgoing interface. If the destination ofthe packet 201 is ID1, then the forwarding module 207 forwards thepacket 201 to an egress port that corresponds to the outgoing interfaceI/F. If the destination of the packet 201 is ED3, then the forwardingmodule 207 forwards the packet 201 to the virtual router 205B. If thepacket 201 is forwarded to the virtual router 205B, the virtual router205B will process the packet 201 in accordance with itsforwarding/routing information (e.g., drop the packet 201, forward thepacket 201 to the appropriate egress port, forward the packet 201 toanother virtual router, etc.).

[0029] The decision mechanism for determining whether a packet will beforwarded to an egress port or another virtual router can be implementedwith a variety of techniques. In one embodiment of the invention, theforwarding module determines if the next hop indicated by the forwardingtable for a packet is an inter-VR next hop. If the next hop is aninter-VR next hop then the corresponding packet is forwarded to theappropriate virtual router. If the next hop is not an inter-VR next hop(e.g., a logical or physical interface that does not indicate a virtualrouter, an IP address, etc.), then the packet is processed accordingly(e.g., if the next hop is a physical interface, then the packet isprocessed at lower layers in order to forward the packet along theappropriate hardware lines to the egress port). In another embodiment ofthe invention, a switching module is implemented separately from theforwarding module. If the next hop for a packet is a physical interface,then the forwarding module passes the packet to the switching module,which forwards the packet along the hardware lines that correspond tothe physical interface. If the next hop is an inter-VR next hop, thenthe forwarding module forwards the packet to the appropriate virtualrouter.

[0030] In addition other techniques can be used to determine whether thenext hop is a virtual router, an IP address, a physical interface, alogical interface, etc. In one embodiment of the invention, anadditional field is included in each routing and forwarding table entryto explicitly indicate a type for the outgoing interface. In anotherembodiment of the invention, the value of the next hop implicitlyindicates whether the next hop is a VR next hop or non-VR next hop.

[0031] Enabling inter-VR routing and forwarding provides additionalfunctionality. A service provider that is a customer of a networkprovider, which owns a network element with inter-VR routing andforwarding, can allow its virtual private network (VPN) customers toexchange routes. In addition, inter-VR routing and forwarding enables aservice provider's VPN customers to use the provider's network forInternet access. Inter-VR routing and forwarding can also be utilized toallow service providers to announce VPN customers' routes if they arepart of the public address space.

[0032] Inter-VR routing and forwarding also enables virtual routers toreplace customer premise equipment (CPE) routers. The service providerand/or network provider can utilize a virtual router to perform thetasks typically performed by a CPE router, especially for thosecustomers that access the network from multiple locations.

[0033] If multiple customers of a network provider are on the samenetwork element with virtual routers, then inter-VR routing andforwarding enables local area, metro area, and/or intra-continentalprivate peerings without utilizing physical lines and/or ports toconnect virtual routers.

[0034] Inter-VR routing and forwarding also provides additionalcapabilities with respect to testing and parallel networkinter-communication. Since virtual routers can be connected withoutwires, then numerous virtual routers can be peered or connected torepresent the topology of actual networks. The inter-VR routing andforwarding can then be used to simulate routing in different networktopologies without cables and wires. For parallel networkinter-communication, a service provider with an operational legacynetwork and a next generation network can utilize inter-VR routing andforwarding for experimental, trial, and/or operational exchanges ofroutes between the different networks (assuming the different networksinclude virtual routers within individual network elements). Moreover,the service provider can utilize inter-VR routing and forwarding tomigrate their customers from a legacy network to a next generationnetwork.

[0035]FIGS. 3A-3C are exemplary diagrams illustrating interior gatewayrouting tables being built with inter-VR routes according to oneembodiment of the invention. FIG. 3A is an exemplary diagramillustrating peering of virtual routers according to one embodiment ofthe invention. In FIG. 3A, a virtual router 303A (VR-A) is peered withvirtual routers 303B and 303C. The virtual routers 303A, 303B, and 303Crespectively have IP addresses 10.1.1.1, 10.1.1.2, and 10.1.1.3. Thevirtual routers are peered with static routing (i.e., an administratorconfigures the connections between the virtual routers). Anadministrator configures an inter-VR interface 315L.B on the virtualrouter 303A to reach the virtual router 303B and an inter-VR interface315L.C also on the virtual router 303A to reach the virtual router 303C.While configuring the interfaces on the virtual router 303A, theadministrator also configures inter-VR interfaces 315B.L and 315C.Lrespectively on the virtual routers 303B and 303C. In response to theconfiguration, the interior gateway routing tables of the virtualrouters are updated.

[0036] An interior gateway routing tables 307A for the virtual router303A is updated to include a routing entry that indicates destination10.1.1.2 reachable via next hop VR-B and a destination 10.1.1.3reachable via next hop VR-C. While in one embodiment, the next hops to avirtual router are indicated with a VR identifier, alternativeembodiments of the invention may indicate a virtual router next hop withthe virtual router's name or IP address.

[0037] An interior gateway routing tables 307B for the virtual router303B is updated to include a routing entry that indicates a destination10.1.1.1 reachable via inter-VR interface 315B.L, which is the VRidentifier for the virtual router 303A. An interior gateway routingtables 307C for the virtual router 303C is updated to include a routingentry that indicates the destination 10.1.1.1 reachable via inter-VRinterface 315C.L.

[0038] In an embodiment that processes packets sent over inter-VRinterfaces with a single routing process, a packet can be processedwithout inter-process communication. For example, if RIP is configuredon inter-VR interface 315L.B and the RIP process sends a packet over theinter-VR interface 315L.B, the RIP packet immediately considers thepacket as received on the inter-VR interface 315B.L by the single RIPprocess. Routing processes (both interior and exterior gateway routingprotocol processes) can exchange routing information via the inter-VRinterfaces. The routing processes download these routes into the mainrouting table using inter-VR interfaces as next hops.

[0039]FIG. 3B is an exemplary diagram illustrating peering of virtualrouters that are not virtual router local (virtual router 303A)according to one embodiment of the invention. In FIG. 3B, the virtualrouters 303B and 303C have been connected. The virtual router 303B hasbeen configured to reach the virtual router 303C via the inter-VRinterface 315B.C and the virtual router 303C has been configured toreach the virtual router 303B via the inter-VR interface 315C.B. Varioustechniques can be implemented to prevent redundant connections beingcreated between virtual routers. In one embodiment of the invention, acheck is performed when the administrator enters a configuration thatbinds interfaces of two virtual routers.

[0040] In another embodiment of the invention, an inter-VRpoint-to-point (p2p) interface is utilized. The interface managerensures only a single bind number is utilized to connect a pair ofvirtual routers, although alternative embodiments of the invention mayallow for multiple connections between virtual routers. An interiorgateway routing protocol process registers an interest in the configuredinterfaces for each virtual router with the interface manager. Inresponse, the interface manager provides the registering interiorgateway routing protocol process with the corresponding bind number,bound virtual router, and the type of interface. For example, assume thefollowing configuration is entered:

[0041] virtualrouter A

[0042] interface I/Fl inter-VR-p2p bind1

[0043] igp router networkA

[0044] virtualrouter B

[0045] interface I/F2 inter-VR-p2p bind1

[0046] igp router networkB

[0047] The first set of configuration commands configures the interfaceI/F1 on the virtual router A. The second set of commands configures theinterface I/F2 on the virtual router B. The interface manager creates atuple that reflects the configuration of these interfaces on theircorresponding virtual routers. When the interior gateway routingprotocol process learns this inter-VR interface binding from theinterface state manager, the interior gateway routing protocol processcan do peering between VR-A and VR-B across this inter-VR interface asif VR-A and VR-B were two separate network elements.

[0048]FIG. 3C is an exemplary diagram illustrating inter-VR interfacesas local area network interfaces according to one embodiment of theinvention. In FIG. 3C, each of the virtual routers 303A, 303B and 303Care connected to a virtual router local area network (VR-LAN) 323. TheVR-LAN 323 is identified as VR-LAN-1. Although the virtual routers 303A,303B and 303C are illustrated as being connected to the VR-LAN 323 forthis example, fewer or more virtual routers may be connected to theVR-LAN. In addition, multiple VR-LANs can be defined with variousdifferent groups of virtual routers connected to the different VR-LANS.For example, VR-B, VR-C and VR-A may be connected to VR-LAN-1, whileVR-A, VR-C are connected to VR-LAN-2. Alternatively, VR-LAN-1 maycomprise VR-A, VR-B and VR-C while VR-LAN-2 may comprise VR-A, VR-B, andVR-C.

[0049] After the administrator configures VR-LAN interfaces 315L.V,315B.V, and 315C.V respectively on the virtual routers 303A, 303B and303C, the interior gateway routing protocol process registers aninterest in the interface 315L.V for the virtual router 303A with theinterface manager. The interface manager provides the registeringinterior gateway routing protocol process with the associated VR-LANnumber, VR-LAN-1, which identifies the VR-LAN 323. While in oneembodiment of the invention, the interior gateway routing protocolprocess accesses a data structure (e.g., a linked list) which indicateseach VR-LAN interface associated with the VR-LAN identified by theinterface manager, alternative embodiments of the invention may providethe interior gateway routing protocol process the associated VR-LANinterfaces differently (e.g., the interface manager may maintain a datastructure that indicates the VR-LAN and associated VR-LAN interfaces).The interior gateway routing protocol process updates its interiorgateway routing tables to indicate the associated VR-LAN interfaces asillustrated in FIG. 3C. In an alternative embodiment of the invention,the interior gateway routing protocol process accesses the VR-LAN datastructure that indicates associated VR-LAN interfaces instead ofinserting the data structure in the interior gateway routing table. Whenthe interior gateway routing protocol process transmits a controlpacket, the interior gateway routing protocol processes transmits toeach VR-LAN interface associated with the VR-LAN. After transmitting thecontrol packet, the interior gateway routing protocol process marks theassociated VR-LAN interfaces as received. For example, assume OSPF isconfigured on interfaces 315L.V, 315B.V, 315C.V. If OSPF sends a packeton 315B.V to the VR-LAN 323 for the VR-B 303B, the sent OSPF packet isimplicitly received on the interfaces 315L.V and 315C.V. In anembodiment that implements a single routing process for more than onevirtual router, the single routing process (e.g., OSPF) handles thesending and receiving without inter-process communication.

[0050] Regardless of the interface technique being used, packetsforwarded between virtual routers are passed directly between virtualrouters and not passed down for lower layer processing. In alternativeembodiments of the invention, packets may be passed down for lower layerprocessing (e.g., to the kernel socket, which is a communication channelbetween routing processes and the data plane that includes line cards)to maintain agnostic routing or minimize the amount of modification madeto routing protocols.

[0051]FIG. 4 is an exemplary diagram illustrating external routedistribution between virtual routers according to one embodiment of theinvention. In FIG. 4, a virtual router 401 with IP address 10.1.1.1 ispeered with virtual routers 403A and 403B via inter-VR interfaces 415L.Band 415L.C, respectively. The peering is established with either staticrouting or with interior gateway routing protocol process. The virtualrouters 401, 403A and 403B respectively have exterior gateway routingtables 405, 407A and 407B. The bolded entries in the exterior gatewayrouting tables 405, 407A, and 407B have been learned from other virtualrouters.

[0052] The virtual router 401 has learned routes to externaldestinations ED2 and ED7 directly from virtual routers 403A and 403B,respectively. The virtual router 403A has learned routes to externaldestinations ED1 and ED7 from the virtual router 401. The virtual router403B has learned routes to external destinations ED1, ED2, and ED5 fromthe virtual router 401.

[0053] Various route distribution policies can be applied todistribution of routes between virtual routers. If a customer does notwant routes from its virtual router distributed, then the customer'svirtual router should not be peered with any other virtual routers thatdo not fall under the customer's control. A policy may be implemented ona network element that allows the virtual router local to learn routesbut not distribute routers. Alternatively, certain routes may be taggedas either restricted or unrestricted for inter-VR route distribution.

[0054]FIG. 5 is a diagram of an exemplary network element according toone embodiment of the invention. In FIG. 5, a network element 500includes a control card 503 coupled with a set of line cards 515A-515Cvia a transmission medium 551 (e.g., a packet mesh, switching medium,etc.). The control card 503 hosts external routing processes 505A-505Fand corresponding exterior gateway routing tables 507A-507F. The controlcard 503 also hosts internal routing processes 506A-506F andcorresponding interior gateway routing tables 509A-509F. Each of theinternal routing processes 506A-506F and their corresponding VR interiorgateway routing tables 509A-509F are used by a different virtual routerconfigured on the network element 500. Each of the external routingprocesses 505A-505F and their corresponding VR exterior gateway routingtables 507A-507F are used by the different virtual router configured onthe network element 500.

[0055] Each of the line cards 515A-515C include one or more forwardingtables. The line card 515A includes VR forwarding tables 517A-517F. Theline card 515B includes VR forwarding tables 517B-517E. The line card515C includes the VR forwarding table 517A. The forwarding tables517A-517F are created from forwarding information downloaded from thecontrol card 503. Each of the VR forwarding tables corresponds to adifferent virtual router configured on the network element 500. In analternative embodiment of the invention, a virtual router uses more thanone VR forwarding table, VR interior gateway routing table, and/or VRexterior gateway routing table. In another alternative embodiment of theinvention, a single external and/or internal routing process is sharedby different virtual routers.

[0056] The control card 503 and line cards 517A-517C illustrated in FIG.5 and the network elements described in the Figures include memories,processors, and/or ASICs. Such memories include a machine-readablemedium on which is stored a set of instructions (i.e., software)embodying any one, or all, of the methodologies described herein.Software can reside, completely or at least partially, within thismemory and/or within the processor and/or ASICs. For the purpose of thisspecification, the term “machine-readable medium” shall be taken toinclude any mechanism that provides (i.e., stores and/or transmits)information in a form readable by a machine (e.g., a computer). Forexample, a machine-readable medium includes read only memory (“ROM”),random access memory (“RAM”), magnetic disk storage media, opticalstorage media, flash memory devices, electrical, optical, acoustical, orother forms of propagated signals (e.g., carrier waves, infraredsignals, digital signals, etc.), etc.

[0057] While the invention has been described in terms of severalembodiments, those skilled in the art will recognize that the inventionis not limited to the embodiments described. The method and apparatus ofthe invention can be practiced with modification and alteration withinthe spirit and scope of the appended claims The description is thus tobe regarded as illustrative instead of limiting on the invention.

We claim:
 1. A machine-readable medium that provides instructions, whichwhen executed by a set of one or more processors, cause said set ofprocessors to perform operations comprising: indicating for a route alogical interface as a next hop for a destination, said logicalinterface identifying a first virtual router, said first virtual routerincluding a first routing table; and inserting said route into a secondrouting table of a second virtual router, wherein said first routingtable is for a first address space different than the second routingtable's address space.
 2. The machine-readable medium of claim 1 furthercomprising: indicating for a second route a second logical interface asa second next hop for a second destination, said second logicalinterface identifying the second virtual router; inserting said secondroute into the first routing table; and exchanging route informationbetween the first and second virtual routers via the second and firstlogical interfaces.
 3. The machine-readable medium of claim 1 furthercomprising downloading the destination and the logical interface to adata plane and forwarding packets from the second virtual router to thefirst virtual router with the logical interface.
 4. The machine-readablemedium of claim 1 further comprising: transmitting a packet from thesecond virtual router to a third virtual router via a second logicalinterface that identifies the VLAN; and receiving the packet on a thirdlogical interface associated with the VLAN and the third virtual router.5. A machine-readable medium that provides instructions, which whenexecuted by a set of one or more processors, cause said set ofprocessors to perform operations comprising: peering a first virtualrouter to a second virtual router, wherein the first and second virtualrouters have separate address spaces and separate routing tables;distributing a set of one or more routes from the first virtual routerto the second virtual router, wherein a first of the set of routesidentifies the first virtual router as a next hop of the first route,said first route including a destination; and downloading to a set ofone or more forwarding tables, the destination and the next hop.
 6. Themachine-readable medium of claim 5 wherein said peering comprises:generating a first logical interface that indicates the first virtualrouter; generating a second logical interface that indicates the secondvirtual router; associating the first logical interface with the secondvirtual router; and associating the second logical interface with thefirst virtual router.
 7. The machine-readable medium of claim 6 furthercomprising a routing protocol process exchanging routing information viathe first and second logical interfaces.
 8. The machine-readable mediumof claim 5 wherein the next hop is a logical interface that indicatesthe first virtual router.
 9. The met machine-readable medium of claim 5wherein the next hop is the first virtual router's identifier.
 10. Themachine-readable medium of claim 5 further comprising associating thefirst and second virtual routers with a virtual local area network(VLAN).
 11. The machine-readable medium of claim 10 wherein saidassociating comprises: generating in said second virtual router'srouting table a first route that includes said VLAN as a destination anda first logical interface that indicates said first virtual router; andgenerating in said first virtual router's routing table a second routethat includes said VLAN as a destination and a second logical interfacethat indicates said second virtual router.
 12. The machine-readablemedium of claim 10 further comprising said first and second virtualrouters exchanging routing information via the VLAN.
 13. Amachine-readable medium that provides instructions, which when executedby a set of one or more processors, cause said set of processors toperform operations comprising: inserting in a first virtual router'srouting table a route, said route indicating a destination and a nexthop, said next hop identifying a second virtual router, wherein saidfirst virtual router corresponds to a first address space different froma second address space that corresponds to the second virtual router;and downloading the route to a forwarding table.
 14. Themachine-readable medium of claim 13 wherein said next hop is a logicalinterface.
 15. The machine-readable medium of claim 13 wherein said nexthop is the second virtual router's identifier.
 16. The machine-readablemedium of claim 13 further comprising said first virtual routerexchanges routing information with said second virtual router via saidroute.
 17. The machine-readable medium of claim 13 further comprisingforwarding a packet from said first virtual router to said secondvirtual router in accordance with said next hop indicated in saidforwarding table.